1. Technical Field
One or more embodiments described herein relate generally to enhancing data security. More specifically, one or more embodiments relate to abating padding oracle attacks in a network environment.
2. Background and Relevant Art
As much of the world's business and commerce transitions to the Internet, data security is an ever-growing concern. It is not uncommon for a company with an on-line presence to become the target of any of a number of different types of cyber attacks. For this reason, the data of on-line communications and transactions is often encrypted. Thus, if a hacker manages to exploit a network weakness and break into a particular system, the data residing therein is obfuscated to the point that it is unreadable. Despite this, some types of attacks seek to break through various encryption algorithms, such that even encrypted data is no longer safe.
A padding oracle attack is one such attack that exploits commonly used encryption schemes. For example, in certain block cipher mode encryption algorithms (e.g., “Electronic Codebook” mode encryption, “Cipher Block Chaining” mode encryption), plain text blocks are “padded” before encryption such that the encryption results in a series of cipher text blocks that are each a standard length. In a padding oracle attack, an attacker at a client-computing device can intercept an encrypted message. The attacker can flip or change a single bit within a block of the message and forward the modified encrypted message to the intended oracle server. The oracle server may detect an error and send an error message back to the attacker. The error message can include details of precisely what the error was, e.g., whether the error was detected in the decryption process, or whether the error was detected in a subsequent processing stage, and if so, the precise nature of the error. Often the information in the error message is a function of the original message and the modifications performed by the attacker. For certain cryptographic techniques, this information is such that, after a number of similar modifications and re-transmissions, the attacker may be able to determine the content of the original message or even cause the oracle server to decrypt messages (sent by the attacker) using the oracle's key.
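The receiving side's error behaviour is the whole oracle: a server that reports "padding error" separately from "later-stage error" is the one described above. The following Python is an added illustration and is not part of the patent or any implementation it describes. It contrasts a leaky receiver (MAC-then-encrypt, distinct error strings per stage) with a hardened receiver (encrypt-then-MAC, tag verified with a constant-time compare before any decryption, one uniform failure response). To stay standard-library only it uses a small keyed Feistel network as a stand-in for a real block cipher; the keys, IV and message are constructed values, not secrets or data from the page.

```python
import hashlib
import hmac

BLOCK = 16

# Stand-in block cipher: 4-round Feistel over 16-byte blocks with an HMAC round
# function. Invertible and deterministic, which is all CBC needs here; not a real cipher.
def _round(key: bytes, r: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([r]) + half, hashlib.sha256).digest()[:8]

def block_encrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for r in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round(key, r, right)))
    return left + right

def block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for r in reversed(range(4)):
        left, right = bytes(a ^ b for a, b in zip(right, _round(key, r, left))), left
    return left + right

def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def pkcs7_unpad(data: bytes) -> bytes:
    # Inspect every byte of the last block and accumulate one failure flag,
    # instead of returning at the first bad byte (no early-exit timing signal).
    if len(data) == 0 or len(data) % BLOCK:
        raise ValueError("bad padding")
    n, last = data[-1], data[-BLOCK:]
    bad = int(n == 0 or n > BLOCK)
    for i in range(BLOCK):
        in_pad = int(i >= BLOCK - n)          # byte i belongs to the pad region
        bad |= in_pad & int(last[i] != n)
    if bad:
        raise ValueError("bad padding")
    return data[:-n]

def cbc_encrypt(key: bytes, iv: bytes, padded: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(padded), BLOCK):
        prev = block_encrypt(key, bytes(a ^ b for a, b in zip(padded[i:i + BLOCK], prev)))
        out += prev
    return out

def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(ct), BLOCK):
        cur = ct[i:i + BLOCK]
        out += bytes(a ^ b for a, b in zip(block_decrypt(key, cur), prev))
        prev = cur
    return out

# --- Leaky design: MAC-then-encrypt, and the reply says WHICH stage failed. ---
def leaky_send(key, mac_key, iv, msg):
    tag = hmac.new(mac_key, msg, hashlib.sha256).digest()
    return cbc_encrypt(key, iv, pkcs7_pad(msg + tag))

def leaky_server_receive(key, mac_key, iv, ct) -> str:
    try:
        body = pkcs7_unpad(cbc_decrypt(key, iv, ct))
    except ValueError:
        return "PADDING_ERROR"                 # distinct response: this is the oracle
    msg, tag = body[:-32], body[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, msg, hashlib.sha256).digest()):
        return "MAC_ERROR"                     # second, distinguishable response
    return "OK"

# --- Hardened design: encrypt-then-MAC, authenticate first, one uniform failure. ---
def hardened_send(key, mac_key, iv, msg):
    ct = cbc_encrypt(key, iv, pkcs7_pad(msg))
    return ct, hmac.new(mac_key, iv + ct, hashlib.sha256).digest()

def hardened_server_receive(key, mac_key, iv, ct, tag) -> str:
    if not hmac.compare_digest(tag, hmac.new(mac_key, iv + ct, hashlib.sha256).digest()):
        return "DECRYPT_FAILED"                # tampered input never reaches unpadding
    try:
        pkcs7_unpad(cbc_decrypt(key, iv, ct))
    except ValueError:
        return "DECRYPT_FAILED"                # same string as the MAC path
    return "OK"

def flip(buf: bytes, index: int, mask: int = 0x01) -> bytes:
    b = bytearray(buf)
    b[index] ^= mask
    return bytes(b)

KEY, MAC_KEY, IV = b"k" * 16, b"m" * 16, b"\x00" * 16   # constructed demo values
MSG = b"transfer 100 USD to account 42!!"               # 32 bytes, constructed

def compare_responses():
    """Responses for: untouched message, a bit flipped in the IV, a bit flipped in
    the last byte of the penultimate block (which lands in the padding byte)."""
    ct = leaky_send(KEY, MAC_KEY, IV, MSG)
    leaky = [leaky_server_receive(KEY, MAC_KEY, IV, ct),
             leaky_server_receive(KEY, MAC_KEY, flip(IV, 0, 0x80), ct),
             leaky_server_receive(KEY, MAC_KEY, IV, flip(ct, len(ct) - BLOCK - 1))]
    ct2, tag = hardened_send(KEY, MAC_KEY, IV, MSG)
    hard = [hardened_server_receive(KEY, MAC_KEY, IV, ct2, tag),
            hardened_server_receive(KEY, MAC_KEY, flip(IV, 0, 0x80), ct2, tag),
            hardened_server_receive(KEY, MAC_KEY, IV, flip(ct2, len(ct2) - BLOCK - 1), tag)]
    return leaky, hard

if __name__ == "__main__":
    print(compare_responses())
```

The leaky receiver answers the two tampered messages with two different strings, so its replies are a function of where the modification landed, exactly the property the text describes. The hardened receiver answers both with the same string, and because the tag is checked over the IV and ciphertext before decryption, no padding check is ever performed on attacker-modified input. On a real deployment the same uniformity should extend to timing and to logging that is visible to the client.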
Thus, there is a need for a method for detecting and abating padding oracle attacks.